Skip to content

Commit

Permalink
ci: disable permissions, run typecheck with lint (#6368)
Browse files Browse the repository at this point in the history
  • Loading branch information
sheremet-va authored Aug 20, 2024
1 parent da52d23 commit 5388f0c
Show file tree
Hide file tree
Showing 3 changed files with 228 additions and 68 deletions.
46 changes: 25 additions & 21 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
name: CI

# Remove default permissions of GITHUB_TOKEN for security
# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
permissions: {}

on:
push:
branches:
Expand All @@ -20,20 +24,37 @@ env:

jobs:
lint:
runs-on: macos-14
timeout-minutes: 10
runs-on: ubuntu-latest
name: 'Lint: node-20.14, ubuntu-latest'
steps:
- uses: actions/checkout@v4

- uses: ./.github/actions/setup-and-cache
with:
node-version: 20.14

- name: Install
run: pnpm i

- name: Build
run: pnpm run build

- name: Lint
run: pnpm run lint

- name: Typecheck
run: pnpm run typecheck

# From https://github.com/rhysd/actionlint/blob/main/docs/usage.md#use-actionlint-on-github-actions
- name: Check workflow files
run: |
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
./actionlint -color -shellcheck=""
changed:
runs-on: ubuntu-latest
name: 'Diff: node-latest, ubuntu-latest'
outputs:
should_skip: ${{ steps.changed-files.outputs.only_changed == 'true' }}

Expand All @@ -50,27 +71,9 @@ jobs:
!.github/workflows/ci.yml
**.md
typecheck:
needs: changed
if: needs.changed.outputs.should_skip != 'true'
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- uses: ./.github/actions/setup-and-cache

- name: Install
run: pnpm i

- name: Build
run: pnpm run build

- name: Typecheck
run: pnpm run typecheck

test:
needs: changed
name: 'Build&Test: node-${{ matrix.node_version }}, ${{ matrix.os }}'
if: needs.changed.outputs.should_skip != 'true'
runs-on: ${{ matrix.os }}

Expand Down Expand Up @@ -119,6 +122,7 @@ jobs:

test-browser:
needs: changed
name: 'Browser: ${{ matrix.browser[0] }}, ${{ matrix.os }}'
if: needs.changed.outputs.should_skip != 'true'

runs-on: ${{ matrix.os }}
Expand Down Expand Up @@ -151,7 +155,7 @@ jobs:
run: pnpm i

- name: Install Playwright Dependencies
if: steps.changed-files.outputs.only_changed != 'true'
if: needs.changed.outputs.should_skip != 'true'
run: pnpm exec playwright install ${{ matrix.browser[0] }} --with-deps

- name: Build
Expand Down
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@
"@vitest/coverage-v8": "workspace:*",
"@vitest/ui": "workspace:*",
"bumpp": "^9.5.1",
"changelogithub": "^0.13.9",
"esbuild": "^0.23.0",
"eslint": "^9.9.0",
"fast-glob": "^3.3.2",
Expand Down
Loading

0 comments on commit 5388f0c

Please sign in to comment.